diff --git a/hosts/MOMO/services/hedgedoc.nix b/hosts/MOMO/services/hedgedoc.nix index ef5eb51..5cacfe4 100644 --- a/hosts/MOMO/services/hedgedoc.nix +++ b/hosts/MOMO/services/hedgedoc.nix @@ -5,21 +5,24 @@ settings = { port = 8009; host = "127.0.0.1"; - allowOrigin = - [ "localhost" "127.0.0.1" "hedgedoc.dryb.org" "md.dryb.org" ]; - allowGravatar = true; + domain = "hedgedoc.dryb.org"; + protocolUseSSL = true; + db = { username = "hedgedoc"; database = "hedgedoc"; - host = "postgresql:///hedgedoc"; + host = "/run/postgresql"; dialect = "postgresql"; }; + allowAnonymous = false; allowAnonymousEdits = false; allowFreeURL = true; requireFreeURLAuthentication = true; email = true; - allowEmailRegister = true; + allowEmailRegister = false; + + allowGravatar = true; }; }; diff --git a/hosts/MOMO/services/nginx.nix b/hosts/MOMO/services/nginx.nix index 5bd1433..e5d1930 100644 --- a/hosts/MOMO/services/nginx.nix +++ b/hosts/MOMO/services/nginx.nix @@ -2,6 +2,12 @@ { services.nginx = { enable = true; + + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts."hedgedoc.dryb.org" = { addSSL = true; enableACME = true; @@ -9,13 +15,6 @@ proxyPass = "http://127.0.0.1:8009"; }; }; - virtualHosts."md.dryb.org" = { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "301 https://hedgedoc.dryb.org$request_uri"; - }; - }; virtualHosts."miniflux.dryb.org" = { addSSL = true; enableACME = true; diff --git a/hosts/MOMO/services/postgresql.nix b/hosts/MOMO/services/postgresql.nix index 82083e6..dd4d6af 100644 --- a/hosts/MOMO/services/postgresql.nix +++ b/hosts/MOMO/services/postgresql.nix @@ -15,7 +15,7 @@ } ]; - # type database DBuser auth-method mapping + # type database DBuser auth-method mapping authentication = '' local all postgres peer local vaultwarden all ident map=vaultwarden-users